Classmates Reunion’ Used As Malware Ploy


Recommended Posts

Jan1 2009

‘Classmates Reunion’ Used as Malware Ploy

by Florabel Baetiong (Anti-spam Research Engineer)

"Class reunion invitations (supposedly from classmates.com) are being seen in spam recently — recipients of these messages are asked to click on a link found in the message to get the details of the “reunion†and also see a related video.

Looking at the IP origins of sample spam messages, it appears that these have been sent out by spam bots using dynamic IPs from different dialup and broadband ISPs.

Clicking on the link would actually direct users to a malicious webpage. In this page, a message prompts users to update their Adobe player to be able to view the reunion video, thus tricking them into executing a malicious file.

Trend Micro detects the file as TROJ_AGENT.ADB.

Details & screenshots here: http://blog.trendmicro.com/

Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...